A post-exploitation framework dubbed IceApple has been targeting global organizations that use Internet Information Services - Microsoft's extensible web server software - and Microsoft Exchange servers since at least 2021, says Falcon OverWatch, the proactive threat hunting team at CrowdStrike.
Three of 74 vulnerabilities identified by Microsoft are "critical" as they exploit remote code execution with escalation of privileges. There are also updates for a new NTLM relay attack using an LSARPC flaw, tracked as CVE-2022-26925, which is a Windows LSA spoofing vulnerability.
The U.S. National Institute of Standards and Technology has revised its guidance for organizations to counter supply chain risks. The new document addresses how to identify, assess and respond to cybersecurity risks throughout the supply chain at all levels of an organization.
Connecticut has just become the fifth U.S. state to get a comprehensive data privacy and online monitoring law, as Senate Bill No. 6 passed into law on Wednesday. The law will go into effect on July 1, 2023, which means that organizations in the state have just 14 months to prepare for compliance.
The Ukrainian city of Kherson faced a "near total" internet blackout on Saturday that cut off connectivity from Ukrainian service providers. Services were restored on Sunday, through regional Ukrainian provider Skynet, or Khersontelecom, but routed through Russia's Miranda and Rostelecom networks.
The median number of days an attacker dwells in a system before detection fell from 24 days in 2020 to 21 days in 2021, according to a Mandiant report. The biggest year-on-year decline in median dwell time occurred in the APAC region, where it dropped from 76 days in 2020 to 21 days in 2021.
LemonDuck, once a small piece of cryptomining malware, has evolved into a major botnet for cryptomining. After targeting Microsoft Exchange servers, it is now targeting Linux systems by using a malicious container on an exposed Docker API, according to CrowdStrike's Cloud Threat Research team.
As use of Apple devices has grown in the enterprise, the company has increasingly become a target for malware threats and other attacks. ISMG spoke with experts and CISOs about the seriousness of these threats and what organizations can do to mitigate the risks.
Kumar Ritesh, CEO and founder of Singapore-based cybersecurity firm Cyfirma, explores the threat landscape in 2022 and the new TTPs among cybercriminals. He offers his opinion about how and why the first offensive action in the next war will be a cyberattack.
The past month has been filled with action-packed virtual cybersecurity events as the enterprise community continues to deal with a myriad of cybersecurity challenges. While the topics covered were wide-ranging, ISMG analyzed two summits for common themes and shares the significant takeaways.
The interplay between security and privacy has changed some aspects of data management and protection. Nader Henein, vice president analyst at Gartner, discusses the factors driving the nexus, how companies can take advantage of it and tips on sharing data with third parties securely.
Gary Hibberd, known as "The Professor of Communicating Cyber" at cybersecurity services provider Cyberfort Group, discusses the biggest changes made since 2013 to the ISO 27001 international standard for an information security management system, which helps organizations secure their data assets.